2

I'm currently working on an Azure deployment and running into a inconvenience. I need to get the IP address of an dns Inboud Endpoint. This resource already exists. I can reference the resource like this:

param dnsInboundEndpointName string
resource dnsInboundEndpoint 'Microsoft.Network/dnsResolvers/inboundEndpoints@2022-07-01' existing = {
  name: dnsInboundEndpointName
}

I want to use this while creating a firewall policy like this (somewhat simplified):

resource firewallPolicy 'Microsoft.Network/firewallPolicies@2022-09-01' = {
  name: azureFirewallPolicyName
  location: location
  properties: {
    dnsSettings: {
        enableProxy: true
        servers: [dnsInboundEndpoint.properties.ipConfigurations[0].privateIpAddress]
    }
    sku: {
      tier: azureFirewallPolicySku
    }
  }
}

Now when I try to to deploy this I get the following error:

'The template resource 'xxx' at line '1' and column '1359' is not valid: The language expression property array index '1' is out of bounds.

I've tried creating a param like this:

param test string = dnsInboundEndpoint.properties.ipConfigurations[0].privateIpAddress

and a var like this:

var dnsInboundEndpointIP = {
  ip: dnsInboundEndpoint.properties.ipConfigurations[0].privateIpAddress
}

but I keep getting this error.

I would like to know how I can reference the IP address of the DNS Inbound endpoint.

Thomas
  • 24,234
  • 6
  • 81
  • 125
GetShifting
  • 461
  • 4
  • 12

1 Answers1

2

You are missing the name of the dnsResolver resource. InboundEndpoints are subresources and the parent resource needs to be specified:

param dnsResolverName string
param dnsInboundEndpointName string
...

// Get a reference to the dns resolver resource 
resource dnsResolver 'Microsoft.Network/dnsResolvers@2022-07-01' existing = {
  name: dnsResolverName
}

// Get a reference to the inbound rule
resource dnsInboundEndpoint 'Microsoft.Network/dnsResolvers/inboundEndpoints@2022-07-01' existing = {
  name: dnsInboundEndpointName
  parent: dnsResolver
}

// Create firewall policy
resource firewallPolicy 'Microsoft.Network/firewallPolicies@2022-09-01' = {
  ...
  properties: {
    dnsSettings: {
      enableProxy: true
      servers: [
        dnsInboundEndpoint.properties.ipConfigurations[0].privateIpAddress
      ]
    }
    ...
  }
}
Thomas
  • 24,234
  • 6
  • 81
  • 125
  • 1
    Thank you. If only I would have gotten an error like 'missing parent' I would probably have figured it out. For future reference, I also had to add the resourcegroup scope to the dnsresolver as it lives in another rg. Thanks again! – GetShifting Jun 17 '23 at 09:40